Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30970bd7-66d2-4f81-92a4-6ad1c9bbf0cb.roa
File: 30970bd7-66d2-4f81-92a4-6ad1c9bbf0cb.roa (raw, json)
Hash identifier: WQZLCiqDz8eQTX2yptHupq5KdHSGrnpqqj8OfL6aI1I=
Subject key identifier: CB:BD:52:5A:D2:AD:B9:30:8E:B9:5D:65:4A:C0:E6:D1:12:12:6C:AC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 04BA31DDE7442A3C59F43749E100A93ED82F2BE7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30970bd7-66d2-4f81-92a4-6ad1c9bbf0cb.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 166.74.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:ba:31:dd:e7:44:2a:3c:59:f4:37:49:e1:00:a9:3e:d8:2f:2b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: serialNumber=443c4dbd26097a2b089f83e91fd74afcee97a7a431d39bfbccbd42f9e3b2446d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bf:76:cb:9a:13:81:85:23:48:a7:fb:73:24:
9d:b6:fc:43:b6:54:7a:e9:64:28:0c:0e:65:d7:db:
68:d3:b1:a3:8e:9d:e9:dc:a5:b0:0c:be:08:25:09:
19:c8:31:5f:77:ce:ae:8f:d6:30:48:be:bc:e6:5d:
66:32:8b:42:a6:fc:40:cc:ad:1a:bf:e4:ff:84:aa:
e6:ad:20:47:1e:a6:0d:1e:2c:6c:9b:9a:be:90:cd:
da:74:40:4d:fe:f5:53:5b:fc:e6:c0:c5:0d:ce:9a:
9f:59:f4:31:2d:23:30:25:c8:52:f0:bd:8f:1f:59:
3f:6e:ab:1e:e5:1c:35:ea:a6:f3:09:cf:d7:63:f2:
85:5c:72:f9:fb:5d:f4:2a:a7:71:04:a1:83:4e:26:
58:80:94:7e:d5:f6:a3:ea:c4:cb:bf:98:7c:b9:17:
56:de:a4:b9:8e:02:8e:64:0b:12:2a:69:86:e5:27:
78:c6:85:b6:13:86:5c:02:3e:2e:9a:a8:28:73:e0:
2d:5a:19:f5:95:5f:85:66:b9:5f:f3:9c:9c:af:32:
e2:5c:35:3a:bd:35:f8:23:f9:12:70:0a:d6:54:af:
cb:e5:45:17:04:e3:79:ec:c1:be:87:ce:a8:33:17:
31:b2:43:04:e5:64:5c:6e:0d:2a:a0:0a:2d:06:c6:
6b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BD:52:5A:D2:AD:B9:30:8E:B9:5D:65:4A:C0:E6:D1:12:12:6C:AC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30970bd7-66d2-4f81-92a4-6ad1c9bbf0cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:d6:e4:45:24:ac:18:63:5f:5d:55:8f:9b:b9:21:fa:91:73:
4b:1a:70:49:36:63:1e:73:06:de:6f:db:53:f3:c4:7a:41:a8:
50:90:eb:f0:2b:11:6b:bb:62:6d:8b:a7:e2:13:10:02:00:97:
a8:ae:5b:67:b8:a9:5c:ef:4b:c4:41:0f:0f:fa:ac:c3:10:5b:
72:d4:12:f9:26:d0:3b:3c:f2:c8:9d:65:c9:83:48:25:43:00:
1a:4b:34:59:95:97:85:53:f5:49:dc:fc:b9:62:3d:7e:be:e4:
0c:0c:ac:5e:b1:d6:18:e7:00:e6:83:23:a7:37:a4:80:fa:92:
8c:e8:9e:7a:c1:ef:b6:ab:bf:32:90:47:83:b0:e7:8a:79:e1:
fa:47:0f:71:2e:3b:74:0f:69:18:61:07:53:c2:da:0c:04:33:
cf:c0:9a:5b:86:73:61:60:5b:53:7e:31:47:6c:b1:37:da:42:
09:ac:3a:83:35:62:b3:d8:95:32:e2:f8:fe:92:a2:60:18:e2:
28:a3:72:f3:1a:b8:58:77:6a:fa:a1:bd:95:fe:ea:f5:f0:19:
2d:fa:20:26:61:9b:b1:cf:1c:87:db:5a:0f:cc:3b:80:23:5c:
f5:b5:ca:fc:29:c0:8a:2c:de:eb:81:63:d4:33:d2:3c:79:7c:
2a:39:3b:34
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBLox3edEKjxZ9DdJ4QCpPtgvK+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NDNjNGRiZDI2MDk3YTJiMDg5ZjgzZTkxZmQ3NGFmY2Vl
OTdhN2E0MzFkMzliZmJjY2JkNDJmOWUzYjI0NDZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPv3bLmhOBhSNIp/tzJJ22/EO2VHrpZCgMDmXX22jTsaOO
nencpbAMvgglCRnIMV93zq6P1jBIvrzmXWYyi0Km/EDMrRq/5P+EquatIEcepg0e
LGybmr6Qzdp0QE3+9VNb/ObAxQ3Omp9Z9DEtIzAlyFLwvY8fWT9uqx7lHDXqpvMJ
z9dj8oVccvn7XfQqp3EEoYNOJliAlH7V9qPqxMu/mHy5F1bepLmOAo5kCxIqaYbl
J3jGhbYThlwCPi6aqChz4C1aGfWVX4VmuV/znJyvMuJcNTq9Nfgj+RJwCtZUr8vl
RRcE43nswb6HzqgzFzGyQwTlZFxuDSqgCi0GxmvnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUy71SWtKtuTCOuV1lSsDm0RISbKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwOTcwYmQ3LTY2ZDItNGY4MS05MmE0LTZhZDFjOWJiZjBjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCmSjANBgkqhkiG9w0BAQsFAAOCAQEAANbkRSSsGGNfXVWPm7kh+pFzSxpw
STZjHnMG3m/bU/PEekGoUJDr8CsRa7tibYun4hMQAgCXqK5bZ7ipXO9LxEEPD/qs
wxBbctQS+SbQOzzyyJ1lyYNIJUMAGks0WZWXhVP1Sdz8uWI9fr7kDAysXrHWGOcA
5oMjpzekgPqSjOieesHvtqu/MpBHg7Dninnh+kcPcS47dA9pGGEHU8LaDAQzz8Ca
W4ZzYWBbU34xR2yxN9pCCaw6gzVis9iVMuL4/pKiYBjiKKNy8xq4WHdq+qG9lf7q
9fAZLfogJmGbsc8ch9taD8w7gCNc9bXK/CnAiize64Fj1DPSPHl8Kjk7NA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:42:02 2025 by rpki-client